Anchiva Appliances Find Malware Faster

Anchiva Systems started shipping its first product--a family of gateway anti-malware appliances--in late 2006. Now, a major upgrade to the appliances' operating system, Anchiva OS 2.0, boosts the speed of the appliances, adds a recon mode, and adds the ability to scan outbound traffic and content (such as blog and wiki entries) uploaded to a company's Web site.

Anchiva Systems, launched in 2004, boasts a management team of former NetScreen Technology, Juniper Networks, and Trend Micro employees. Presumably, they're using their accumulated knowledge to try to produce a better anti-malware tool. Anchiva does its own threat research in its Anchiva RapidRX Labs and uses a hardware appliance rather than a software solution. VP of Marketing and Business Development Richard Hanke told me that these two factors let Anchiva optimize its signatures to run on the Anchiva hardware. RecentICSA Labs Premier Services tests clocked the Anchiva 2000X appliance at 800 Mbps when scanning HTTP traffic, a speed which Anchiva says is three times faster than that of software solutions.

The Anchiva malware database currently has 600,000 signatures. Anchiva claims this is the largest database, and Hanke told me that software antivirus solutions have to actually remove signatures from their databases to help their products perform better.

The new recon mode in Anchiva OS 2.0 lets companies use the appliances in offline mode so that they scan traffic without blocking anything. This feature lets companies try the product out before deploying it in full inline production mode.

Hanke said that Anchiva's target market is large enterprises and educational institutions. Large organizations that have lots of Internet traffic require a tool that can scan traffic more quickly. Schools tend to have "dirtier networks" because young users download and upload more files from and to the Web and connect to other networks (such as wireless networks).